GitBook: [master] 6 pages and 18 assets modified
Before Width: | Height: | Size: 341 KiB After Width: | Height: | Size: 341 KiB |
Before Width: | Height: | Size: 341 KiB After Width: | Height: | Size: 341 KiB |
Before Width: | Height: | Size: 341 KiB After Width: | Height: | Size: 341 KiB |
Before Width: | Height: | Size: 10 KiB After Width: | Height: | Size: 10 KiB |
Before Width: | Height: | Size: 10 KiB After Width: | Height: | Size: 10 KiB |
Before Width: | Height: | Size: 10 KiB After Width: | Height: | Size: 10 KiB |
Before Width: | Height: | Size: 27 KiB After Width: | Height: | Size: 27 KiB |
Before Width: | Height: | Size: 1.3 MiB After Width: | Height: | Size: 1.3 MiB |
Before Width: | Height: | Size: 1.3 MiB After Width: | Height: | Size: 1.3 MiB |
|
@ -139,7 +139,7 @@
|
||||||
* [content:// protocol](mobile-apps-pentesting/android-app-pentesting/content-protocol.md)
|
* [content:// protocol](mobile-apps-pentesting/android-app-pentesting/content-protocol.md)
|
||||||
* [Drozer Tutorial](mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/README.md)
|
* [Drozer Tutorial](mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/README.md)
|
||||||
* [Exploiting Content Providers](mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md)
|
* [Exploiting Content Providers](mobile-apps-pentesting/android-app-pentesting/drozer-tutorial/exploiting-content-providers.md)
|
||||||
* [Exploiting a debuggeable applciation](mobile-apps-pentesting/android-app-pentesting/exploiting-a-debuggeable-applciation.md)
|
* [Exploiting a debuggable application](mobile-apps-pentesting/android-app-pentesting/exploiting-a-debuggeable-applciation.md)
|
||||||
* [Frida Tutorial](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/README.md)
|
* [Frida Tutorial](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/README.md)
|
||||||
* [Frida Tutorial 1](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-1.md)
|
* [Frida Tutorial 1](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-1.md)
|
||||||
* [Frida Tutorial 2](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-2.md)
|
* [Frida Tutorial 2](mobile-apps-pentesting/android-app-pentesting/frida-tutorial/frida-tutorial-2.md)
|
||||||
|
|
|
@ -130,7 +130,7 @@ The files in the folder WPDNSE are a copy of the original ones, then won't survi
|
||||||
|
|
||||||
Check the file `C:\Windows\inf\setupapi.dev.log` to get the timestamps about when the USB connection was produced \(search for `Section start`\).
|
Check the file `C:\Windows\inf\setupapi.dev.log` to get the timestamps about when the USB connection was produced \(search for `Section start`\).
|
||||||
|
|
||||||
![](../../../.gitbook/assets/image%20%28477%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%281%29.png)
|
![](../../../.gitbook/assets/image%20%28477%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%283%29%20%281%29.png)
|
||||||
|
|
||||||
### USB Detective
|
### USB Detective
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# Exploiting a debuggeable applciation
|
# Exploiting a debuggable application
|
||||||
|
|
||||||
**Information copied from** [**https://resources.infosecinstitute.com/android-hacking-security-part-6-exploiting-debuggable-android-applications/\#article**](https://resources.infosecinstitute.com/android-hacking-security-part-6-exploiting-debuggable-android-applications/#article)\*\*\*\*
|
**Information copied from** [**https://resources.infosecinstitute.com/android-hacking-security-part-6-exploiting-debuggable-android-applications/\#article**](https://resources.infosecinstitute.com/android-hacking-security-part-6-exploiting-debuggable-android-applications/#article)\*\*\*\*
|
||||||
|
|
||||||
|
|
|
@ -601,7 +601,7 @@ Many apps log informative \(and potentially sensitive\) messages to the console
|
||||||
5. Reproduce the problem.
|
5. Reproduce the problem.
|
||||||
6. Click on the **Open Console** button located in the upper right-hand area of the Devices window to view the console logs on a separate window.
|
6. Click on the **Open Console** button located in the upper right-hand area of the Devices window to view the console logs on a separate window.
|
||||||
|
|
||||||
![](../../.gitbook/assets/image%20%28466%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%283%29.png)
|
![](../../.gitbook/assets/image%20%28466%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%282%29%20%283%29%20%283%29.png)
|
||||||
|
|
||||||
You can also connect to the device shell as explained in Accessing the Device Shell, install **socat** via **apt-get** and run the following command:
|
You can also connect to the device shell as explained in Accessing the Device Shell, install **socat** via **apt-get** and run the following command:
|
||||||
|
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
|
|
||||||
## Attacks Graphic
|
## Attacks Graphic
|
||||||
|
|
||||||
![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%281%29.png)
|
![](../../.gitbook/assets/image%20%28535%29%20%281%29%20%281%29%20%282%29%20%281%29.png)
|
||||||
|
|
||||||
## Tool
|
## Tool
|
||||||
|
|
||||||
|
|
|
@ -101,8 +101,7 @@ c:\Users\Public>
|
||||||
|
|
||||||
Oftentimes, the default CLSID that JuicyPotato uses **doesn't work** and the exploit fails. Usually, it takes multiple attempts to find a **working CLSID**. To get a list of CLSIDs to try for a specific operating system, you should visit this page:
|
Oftentimes, the default CLSID that JuicyPotato uses **doesn't work** and the exploit fails. Usually, it takes multiple attempts to find a **working CLSID**. To get a list of CLSIDs to try for a specific operating system, you should visit this page:
|
||||||
|
|
||||||
{% embed url="https://ohpe.it/juicy-potato/CLSID/" %}
|
{% embed url="https://ohpe.it/juicy-potato/CLSID/" caption="" %}
|
||||||
|
|
||||||
|
|
||||||
### **Checking CLSIDs**
|
### **Checking CLSIDs**
|
||||||
|
|
||||||
|
|